INSIGHT: Cyber threat reaches crisis level, top US officials say

14 March 2013 16:41[Source: ICIS news]

By Joe Kamalick

WASHINGTON (ICIS)--Top US intelligence and security officials this week raised the threat of cyber attacks and online espionage to crisis level, warning that the US will retaliate against any major assault and naming China as the chief perpetrator.

Tom Donilon, national security advisor to President Barack Obama, said in a speech that cyber attacks from China have reached an unprecedented scale, and he warned that the US cannot further accept such intrusions.

While noting that US national security issues are at stake in cyber space, Donilon said that “this is not solely a national security concern or a concern of the US government”.

“Increasingly, US businesses are speaking out about their serious concerns about sophisticated, targeted theft of confidential business information and proprietary technologies through cyber intrusions emanating from China on an unprecedented scale,” he said.

“The international community cannot afford to tolerate such activity from any country,” Donilon said, quoting Obama as saying that “we will take action to protect our economy against cyber threats”.

At a hearing before the House Committee on Homeland Security, chairman Michael McCaul (Republican-Texas) warned that a coordinated attack on US natural gas, water and electric power systems could be devastating and result in months of infrastructure shutdowns and collapse of the nation’s economy.

“This is not science fiction, it is reality,” McCaul said, citing reports that “China is the source of nearly 90% of cyber attacks against the US”.

James Clapper, the top US intelligence and counter-intelligence official, told a Senate Intelligence Committee hearing that the US could be hit by a major cyber attack within the next two years, resulting in long-term and wide-scale disruption of services such as electric power.

Clapper, director of national intelligence, said that while chances of a catastrophic cyber attack are small, US intelligence agencies and owners and operators of critical infrastructure facilities must take action to protect against such an assault.

As head of the Office of National Intelligence (ONI), Clapper oversees 16 different US intelligence-gathering and counter-intelligence agencies.

In his wide-ranging testimony, he said that such a destructive attack would require a level of technical expertise and operational sophistication that only a few nations or non-state actors possess.

But he said that such advanced cyber-intelligence and cyber-espionage actors as China and Russia “are unlikely to launch such a devastating attack against the US outside of a military conflict or crisis that they believe threatens their vital interests”.

Instead, “isolated state or non-state actors might deploy less sophisticated cyber attacks as a form or retaliation or provocation,” he said, without naming any specific nations or groups.

“These less advanced but highly motivated actors could access some poorly protected US networks that control core functions, such as power generation, during the next two years,” he said.

Such second-tier cyber opponents might not have enough technical prowess and operational capability to cause wide-spread systemic disruptions, he said.

“At the same time, there is a risk that unsophisticated attacks would have significant outcomes due to unexpected system configurations and mistakes,” he said, “or that vulnerability at one node might spill over and contaminate other parts of a networked system.”

US chemical production facilities are frequently probed by apparent cyber attacks or cyber espionage efforts, according to US intelligence officials and industry information technology (IT) executives.

Clapper warned that “much of the nation’s critical proprietary data are on sensitive but unclassified networks” that are vulnerable to cyber attacks such as denial-of-service campaigns or to outright theft of industrial secrets.

“We assess that highly networked business practices and information technology are providing opportunities for foreign intelligence and security services, trusted insiders, hackers and others to target and collect sensitive US national security and economic data,” Clapper said.

In some cases, he warned, damage from cyber attacks or cyber espionage “can be invisible, latent and progressive”.

“It is very difficult to quantify the value of proprietary technologies and sensitive business information and, therefore, the impact of economic cyber espionage activities,” Clapper said.

But, he added, “we assess that economic cyber espionage will probably allow the actors who take this information to reap unfair gains in some industries”.

Cyber espionage also is “almost certainly allowing our adversaries to close the technological gap between our respective militaries, slowly neutralising one of our key advantages in the international area”, he said.

At a related House hearing, Department of Homeland Security (DHS) deputy secretary Jane Lute revealed that in 2012 DHS “identified a campaign of cyber intrusions targeting natural gas and pipeline companies that was highly targeted, tightly focused and well crafted”.

Had the attack been successful, she said, information acquired could have allowed unauthorised operation or shutdown of the pipeline systems.

“These intrusions and attacks are coming all the time and they are coming from different sources and take different forms,” she said, “all the while increasing in seriousness and sophistication."

In her testimony to the House Homeland Security Committee that the threat to crucial US infrastructure is tangible and imminent.

“Critical infrastructure is the backbone of our country’s national and economic security,” she said, noting that “it includes power plants, chemical facilities, communications networks, bridges and highways” among others.

Lute said that since 2009 her department has responded to almost 500,000 cyber attack reports from government agencies and private sector firms and has issued more than 26,000 cyber security alerts to public and private institutions and companies.

Also since 2009, she said, DHS has intervened to prevent some $10bn (€7.7bn) in potential losses through cyber crime investigations and arrested more than 5,000 individuals for participation in such crimes.

Focused again on China’s alleged role in cyber espionage, Donilon, the top US intelligence official, demanded that “Beijing should take serious steps to investigate and put a stop to these activities”.

In any event, he added, “The US will do all it must to protect or national networks, critical infrastructure and our valuable public and private sector property.”

Speaking for DHS, Lute told the House Homeland Security Committee that “a suite of legislation is necessary to implement the full range of steps needed to build a strong public-private partnership” to combat cyber espionage and attacks.

A cyber security bill failed in Congress last year because businesses were concerned that the measure would have given federal officials too much access to and potentially control over company activities and proprietary data.

She also urged that legislation “strengthen our critical infrastructure’s cybersecuitry by further increasing information sharing and promoting the establishment and adoption of standards for critical infrastructure”.

Lastly, Lute said that legislation was needed to give law enforcement agencies additional tools to combat cyber crime and to create what she called a “national data breach reporting requirement”.